The present invention is directed toward a system and method of authenticating a cellular subscriber at registration and, more particularly, toward a system and method of authenticating a cellular subscriber at registration wherein the subscriber""s HLR (Home Location Register) address is determined without having to analyze the unique IMSI (International Mobile Subscriber Identity) number associated with that particular subscriber.
When a Public Land-Mobile Network (PLMN) requires multiple Home Location Registers (HLRs), either for capacity reasons or for geographical distribution of databases nearer the normal serving Mobile Switching Centers (MSCs) for those subscribers, the addressing is complicated by the fact that both the International Mobile Subscriber Identity (IMSI) number and the Mobile Services International Subscriber Directory Number (MSISDN) must be routable numbers pointing to the same HLR. This is handled in traditional Global Systems for Mobile Communications (GSM) networks by assigning a particular IMSI value after the MSISDN is chosen.
However, in the U.S., the IMSIs are pre-assigned, i.e., already in the SIM (Subscriber Identification Module) chip internal to the cell phone at purchase, and thus the operator has no control over which IMSI a particular subscriber will get. This is a different situation than was envisioned by the original GSM designers when the standards were developed. This problem has been addressed by mapping the MSISDN to the IMSI in the MSCs to allow both numbers to point to the same HLR regardless of the MSISDN value. The relationship between the MSISDN and the IMSI then becomes random, associated only by table data. Subscriptions, however, must still be located in the HLRs based on the IMSI number series.
If the operator does not care which HLR the subscribers are in, e.g., proximity of location does not matter either in length of signalling path or in grouping particular MSISDN series in a particular HLR versus all MSISDN series appearing in all HLRs, then this method is sufficient. However, it still results in overhead for the operator to assure that the IMSI series are manufactured and distributed in a coherent manner.
If the operator does care how subscriptions are distributed among HLRs, then it is not sufficient to just map the MSISDN to the IMSI. In this situation, the entire IMSI will need to be analyzed to determine which HLR a subscriber is in, since subscribers will not be located in particular HLRs based on IMSI number series, but rather particular IMSI numbers. This has resulted in the addition of what are conventionally called enhanced STP (Signal Transferring Point) nodes to traditional GSM systems. The enhanced STP node is basically a conventional STP node modified or enhanced to be capable of analyzing the entire 15-digit IMSI number and/or the entire 10-digit MSISDN number. This enhanced STP node was not necessary when subscribers were assigned to HLRs based on the IMSI number series, as only the first six or seven digits of an IMSI number needed to be analyzed in order to determine which particular HLR a subscriber was in, and conventional STP nodes were capable of such analyzation. In order for the current systems to operatively function, all signalling traffic to the HLRs must be routed through these enhanced STP nodes, causing problems in delay, backlog, and possibly system shutdown should one of these nodes fail.
The present invention is directed towards overcoming one or more of the above-mentioned problems.
In one aspect of the present invention, a method of authenticating a subscriber at registration is provided for use in a mobile communications system including at least a switching center communicatible with at least one equipment registry and at least two subscriber registries, wherein, for each system subscriber, data associated with that subscriber is stored at a unique address in one of the subscriber registries. The method includes the steps of receiving an equipment identity number at the switching center, the equipment identity number being unique to a particular mobile communications device used by the subscriber, transmitting the equipment identity number to the equipment registry, checking operability status of the particular mobile communications device, transmitting, from the equipment registry to the switching center, the device operability status together with the unique address of data associated with the subscriber authorized to use the particular mobile communications device, retrieving data from the unique address, and authenticating the subscriber based upon the retrieved data.
In one form, the mobile communications device includes a cellular telephone.
In another form, the equipment identity number includes an International Mobile Equipment Identity number unique to each mobile communications device.
In another form, each subscriber registry includes a Home Location Register.
In another form, the equipment registry transmits to the switching center, along with the unique address of data associated with the subscriber authorized to use the particular mobile communications device, the unique address in an authentication center allocated to that subscriber, wherein the authentication center is communicatible with the subscriber registries to provide data associated with the system subscribers thereto.
In another form, the unique authentication center address transmitted by the equipment registry includes an authentication center identifier and a subscriber identity number corresponding to the unique address in the identified authentication center.
In another form, the unique subscriber address transmitted by the equipment registry includes a subscriber registry identifier and a subscriber identity number corresponding to the unique address in the identified subscriber registry.
In another form, the subscriber identity number includes an International Mobile Subscriber Identity number unique to each subscriber.
In another form, the switching center includes a Mobile Switching Center having an associated Visitor Location Register.
In another form, the equipment registry includes an Equipment Identity Register.
In another aspect of the present invention, an apparatus for authenticating a subscriber at registration is provided for use in a mobile communications system having at least a switching center communicatible with at least one equipment registry and at least two subscriber registries, wherein, for each system subscriber, data associated with that subscriber is stored at a unique address and one of the subscriber registries. The apparatus includes switching apparatus for requesting and receiving an equipment identity number from a mobile communications device attempting to use the communications system, an equipment registry storing, for each mobile communications device posted with the system, the equipment identity number and the unique address in the subscriber registries of the data associated with that equipment identity number, apparatus for transmitting a received equipment identity number from the switching apparatus to the equipment registry, apparatus for retrieving a unique address associated with the transmitted equipment identity number and transmitting the unique address to the switching apparatus, apparatus for communicating directly with the unique address in the subscriber registries to retrieve data therefrom to the switching apparatus, and apparatus for determining whether to authorize use of the system by the mobile communications device attempting to use the communications system based on the retrieved data.
In one form, the equipment registry also stores, for each mobile communications device posted with the system, operability status data associated with the equipment identity number. The retrieving apparatus also retrieves the operability status data associated with the transmitted equipment identity number, and, the determining apparatus also determines whether to authorize use of the system based on the retrieved operability status data.
In another form, the equipment registry also stores, for each mobile communications device posted with the system, a unique address in an authentication center allocated to the subscriber. The retrieving apparatus also retrieves the unique address in the authentication center, wherein the authentication center is communicatible with the subscriber registries to provide data associated with system subscribers thereto.
It is an object of the present invention to provide a system and method for authenticating a cellular subscriber while minimizing signalling costs.
It is a further object of the present invention to provide a system and method for authenticating a cellular subscriber while eliminating problems in delay, backlog, and system shutdown due to conventional STP nodes.
It a further object of the present invention to provide a system and method for authenticating a cellular subscriber while maximizing speed and reliability of the system and at the same time simplifying maintenance.
It is yet a further object of the present invention to provide a system and method for authenticating a cellular subscriber providing the advantages identified above utilizing present systems without requiring costly and prohibitive modifications to the many current systems in place.
Other aspects, objects and advantages of the present invention can be obtained from a study of the application, the drawings, and the appended claims.